CVE-2025-22603

EUVD-2025-7613

10.03.2025, 19:15

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contains a server-side request forgery (SSRF) vulnerability inside component (or block) `Send Web Request`. The root cause is  that IPV6 address is not restricted or filtered, which allows attackers to perform a server side request forgery to visit an IPV6 service. autogpt-platform-beta-v0.4.2 fixes the issue.

SSRF

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.1 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 34%

Affected Products (NVD)

Vendor	Product	Version
agpt	autogpt_platform	𝑥 < 0.4.2

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-918 - Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References

https://boatneck-faucet-cba.notion.site/SSRF-of-AutoGPT-153b650a4d88804d923ad65a015a7d61

https://github.com/Significant-Gravitas/AutoGPT/blob/2121ffd06b26a438706bf642372cc46d81c94ddc/autogpt_platform/backend/backend/util/request.py#L11

https://github.com/Significant-Gravitas/AutoGPT/commit/26214e1b2c6777e0fae866642b23420adaadd6c4

https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-4c8v-hwxc-2356